Bitcoin-only firmware integration

.github/workflows/auto-tag-versions.yml

@@ -22,3 +22,4 @@ jobs:
         VERSION=$(cat version.txt | grep firmware | cut -f 2-2 -d '=' | awk -F ':' '{ print 0+$1 "." 0+$2 "." $3*2**8 + $4 }')
         echo $VERSION
         curl   -X POST   -H "Accept: application/vnd.github+json"   -H "Authorization: Bearer ${AUTH_TOKEN}"  -H "X-GitHub-Api-Version: 2022-11-28"   https://api.github.com/repos/${REPOSITORY}/git/refs   -d '{"ref":"refs/tags/v'${VERSION}'","sha":"'${COMMIT}'"}'
+        echo "Tag v${VERSION} created successfully."

.github/workflows/build.yml

@@ -15,38 +15,98 @@ jobs:
       matrix:
         firmware: [Main]
         target: [Release]
+        coin_support: ["BTC_ONLY", "MULTI_COIN"] # Builds both BTC_ONLY and MULTI_COIN variants
     uses: ./.github/workflows/containerized-build.yml
     with:
       firmware: ${{ matrix.firmware }}
       target: ${{ matrix.target }}
+      coin_support_variant: ${{ matrix.coin_support }}
     secrets: inherit
+
   create-release:
-    needs: build-firmwares
+    needs: build-firmwares # Depends on all firmwares being built
     runs-on: ubuntu-latest
     if: ${{ github.ref_type }} == 'tag'
     steps:
       - name: Checkout
         uses: actions/checkout@v3
+
       - name: Download artifacts
         uses: actions/download-artifact@v4
         with:
-          path: ./
+          path: ./ # Downloads all artifacts to the current directory
+
       - name: Publish a release
         env:
           TAG_NAME: ${{ github.ref_name }}
           auth_token: ${{ secrets.GITHUB_TOKEN }}
           REPOSITORY: ${{ github.repository }}
         run: |
-          chkmain=$(sha256sum Main-Release-outputs/Cypherock-Main.bin | cut -f -1 -d ' ')
+          # Calculate SHA256 hash for the MULTI_COIN firmware
+          # The path assumes download-artifact placed it in Main-Release-MULTI_COIN-outputs/build/
+          chkmain_multicoin=$(sha256sum Main-Release-MULTI_COIN-outputs/build/Cypherock-Main.bin | cut -f -1 -d ' ')
+
+          # Calculate SHA256 hash for the BTC_ONLY firmware
+          # The path assumes download-artifact placed it in Main-Release-BTC_ONLY-outputs/build/
+          # The filename is Cypherock-Main-btc.bin due to the CMakeLists.txt modification
+          chkmain_btc_only=$(sha256sum Main-Release-BTC_ONLY-outputs/build/Cypherock-Main-btc.bin | cut -f -1 -d ' ')
+
           APP_VERSION=$(cat version.txt | grep firmware | cut -f 2-2 -d '=' | awk -F ':' '{ print 0+$1 "." 0+$2 "." $3*2**8 + $4 }')
           HW_VERSION=$(cat version.txt | grep hardware | cut -f 2-2 -d '=' | awk -F ':' '{ print 0+$1 "." 0+$2 "." $3*2**8 + $4 }')
-          echo ${APP_VERSION}:${HW_VERSION}
-          curl   -X POST   -H "Accept: application/vnd.github+json"   -H "Authorization: Bearer ${auth_token}"  -H "X-GitHub-Api-Version: 2022-11-28"   https://api.github.com/repos/${REPOSITORY}/releases   -d '{"tag_name":"'${TAG_NAME}'","target_commitish":"main","name":"'${TAG_NAME}'","body":"Application version: '${APP_VERSION}'\r\nHardware version: '${HW_VERSION}'\r\n## SHA256 of binaries:\r\n**Cypherock-Main.bin** : '${chkmain}'","draft":true,"prerelease":false,"generate_release_notes":true}' > output.txt
+
+          echo "Application version: ${APP_VERSION}"
+          echo "Hardware version: ${HW_VERSION}"
+
+          # Create the release with both firmware hashes in the body
+          curl -X POST \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${auth_token}" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            https://api.github.com/repos/${REPOSITORY}/releases \
+            -d '{
+              "tag_name":"'${TAG_NAME}'",
+              "target_commitish":"main",
+              "name":"'${TAG_NAME}'",
+              "body":"Application version: '${APP_VERSION}'\r\nHardware version: '${HW_VERSION}'\r\n## SHA256 of binaries:\r\n**Cypherock-Main.bin** : '${chkmain_multicoin}' \r\n**Cypherock-Main-btc.bin** : '${chkmain_btc_only}'",
+              "draft":true,
+              "prerelease":false,
+              "generate_release_notes":true
+            }' > output.txt
+
+          # Extract upload_url for subsequent asset uploads
           echo "upload_url=$(cat output.txt | grep "\"upload_url\":" | cut -f 4-4 -d '"' | cut -f 1-1 -d '{')" >> $GITHUB_ENV
+
       - name: Upload assets
         env:
           auth_token: ${{ secrets.GITHUB_TOKEN }}
+          upload_url: ${{ env.upload_url }} # Use the extracted upload_url
         run: |
-          content_type=$(file -b --mime-type Main-Release-outputs/Cypherock-Main.bin)
-          curl   -X POST   -H "Content-Type: ${content_type}"   -H "Accept: application/vnd.github+json"   -H "Authorization: Bearer ${auth_token}"  -H "X-GitHub-Api-Version: 2022-11-28"   ${upload_url}?name=Cypherock-Main.bin  --data-binary @Main-Release-outputs/Cypherock-Main.bin
-          curl   -X POST   -H "Content-Type: ${content_type}"   -H "Accept: application/vnd.github+json"   -H "Authorization: Bearer ${auth_token}"  -H "X-GitHub-Api-Version: 2022-11-28"   ${upload_url}?name=version.txt  --data-binary @version.txt
+          # Upload the MULTI_COIN firmware binary
+          content_type_multicoin=$(file -b --mime-type Main-Release-MULTI_COIN-outputs/build/Cypherock-Main.bin)
+          curl -X POST \
+            -H "Content-Type: ${content_type_multicoin}" \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${auth_token}" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            "${upload_url}?name=Cypherock-Main.bin" \
+            --data-binary @Main-Release-MULTI_COIN-outputs/build/Cypherock-Main.bin
+
+          # Upload the BTC_ONLY firmware binary
+          content_type_btc_only=$(file -b --mime-type Main-Release-BTC_ONLY-outputs/build/Cypherock-Main-btc.bin)
+          curl -X POST \
+            -H "Content-Type: ${content_type_btc_only}" \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${auth_token}" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            "${upload_url}?name=Cypherock-Main-btc.bin" \
+            --data-binary @Main-Release-BTC_ONLY-outputs/build/Cypherock-Main-btc.bin
+
+          # Upload version.txt
+          content_type_version=$(file -b --mime-type version.txt)
+          curl -X POST \
+            -H "Content-Type: ${content_type_version}" \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${auth_token}" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            "${upload_url}?name=version.txt" \
+            --data-binary @version.txt

.github/workflows/ci-tests.yml

@@ -198,3 +198,4 @@ jobs:
           cat test_results.txt
           # Unity prints "OK" if all tests pass, "FAIL" if tests fail; return 1 to indicate failure
           if [ ! "$(tail -n 1 test_results.txt)" = "OK" ]; then exit 1; fi
+

.github/workflows/containerized-build.yml

@@ -9,30 +9,81 @@ on:
       target:
         required: true
         type: string
+      coin_support_variant:
+        required: true
+        type: string
+  workflow_dispatch:
+    inputs:
+      firmware:
+        required: true
+        type: string
+        default: 'Main'
+      target:
+        required: true
+        type: string
+        default: 'Release'
+      coin_support_variant:
+        required: true
+        type: string
+        default: 'MULTI_COIN'
 
 jobs:
   build:
     runs-on: ubuntu-latest
     container:
       image: cypherock/x1-firmware-builder:v0.0.0
+
     steps:
-    - name: Build Firmware (${{ inputs.firmware }} - ${{ inputs.target }})
+    - name: Set VERSION_TAG
+      id: set_version_tag
       run: |
         if [[ "${{ github.ref_type }}" == "tag" ]]; then
-          export VERSION_TAG=$(echo "${{ github.ref }}" | cut -f 3- -d '/')
+          echo "VERSION_TAG=$(echo "${{ github.ref }}" | cut -f 3- -d '/')" >> $GITHUB_OUTPUT
         elif [[ "${{ github.ref_type }}" == "branch" ]]; then
-          export VERSION_TAG=$(echo "${{ github.ref }}" | cut -f 3- -d '/')
+          echo "VERSION_TAG=$(echo "${{ github.ref }}" | cut -f 3- -d '/')" >> $GITHUB_OUTPUT
         else
-          # reftype is repository; use default branch
-          export VERSION_TAG=main
+          echo "VERSION_TAG=main" >> $GITHUB_OUTPUT
         fi
-        git clone --branch ${VERSION_TAG} --depth 1 https://github.com/${{ github.repository }}.git --recurse-submodules
-        mkdir build && cd x1_wallet_firmware && mkdir build && cd build
-        cmake -DCMAKE_BUILD_TYPE="${{ inputs.target }}" -DFIRMWARE_TYPE="${{ inputs.firmware }}" -DCMAKE_BUILD_PLATFORM="Device" -G "Ninja" ..
-        ninja && cd ../..
-        cp x1_wallet_firmware/build/Cypherock-*.* ./build/
-    - name: Archive Build Artifacts
+
+    - name: Checkout Repository
+      uses: actions/checkout@v4
+      with:
+        ref: ${{ steps.set_version_tag.outputs.VERSION_TAG }}
+        submodules: recursive
+
+    - name: Build Firmware (${{ inputs.firmware }} - ${{ inputs.target }} - ${{ inputs.coin_support_variant }})
+      run: |
+        cd x1_wallet_firmware
+
+        BTC_ONLY_FLAG="OFF"
+        if [[ "${{ inputs.coin_support_variant }}" == "BTC_ONLY" ]]; then
+          BTC_ONLY_FLAG="ON"
+        fi
+
+        BUILD_DIR="build_${{ inputs.coin_support_variant }}"
+        mkdir -p "${BUILD_DIR}"
+
+        cmake -B "${BUILD_DIR}" \
+              -DDEV_SWITCH=OFF \
+              -DUNIT_TESTS_SWITCH:BOOL=OFF \
+              -DBTC_ONLY:BOOL="${BTC_ONLY_FLAG}" \
+              -DSIGN_BINARY=OFF \
+              -DCMAKE_BUILD_TYPE:STRING="${{ inputs.target }}" \
+              -DFIRMWARE_TYPE="${{ inputs.firmware }}" \
+              -DCMAKE_EXPORT_COMPILE_COMMANDS:BOOL=OFF \
+              -DCMAKE_BUILD_PLATFORM:STRING="Device" \
+              -G "Ninja" .
+
+        ninja -C "${BUILD_DIR}"
+
+        cd .. 
+
+        mkdir -p build
+
+        cp x1_wallet_firmware/"${BUILD_DIR}"/Cypherock-*.* ./build/
+
+    - name: Archive Build Artifacts (${{ inputs.coin_support_variant }})
       uses: actions/upload-artifact@v4
       with:
-        name: ${{ inputs.firmware }}-${{ inputs.target }}-outputs
-        path: build
+        name: ${{ inputs.firmware }}-${{ inputs.target }}-${{ inputs.coin_support_variant }}-outputs
+        path: build

.github/workflows/publish-docs.yml

@@ -26,4 +26,4 @@ jobs:
         AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
         AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
         AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-      run: aws s3 cp ./doxygen/html s3://docs-x1.cypherock.com --recursive
+      run: aws s3 cp ./doxygen/html s3://docs-x1.cypherock.com --recursive

.github/workflows/version-check.yml

@@ -24,4 +24,4 @@ jobs:
         version0=$(git show ${SHA_BASE}:version.txt | grep firmware | cut -f 2-2 -d '=' | awk -F ':' '{ print $1*2**24 + $2*2**16 + $3*2**8 + $4 }')
         version1=$(git show ${SHA_HEAD}:version.txt | grep firmware | cut -f 2-2 -d '=' | awk -F ':' '{ print $1*2**24 + $2*2**16 + $3*2**8 + $4 }')
         echo $version0:$version1
-        if [[ $version0 > $version1 ]]; then echo -e "Version downgrade detected\nfrom $version0 to $version1\n"; exit 1; fi
+        if [[ $version0 > $version1 ]]; then echo -e "Version downgrade detected\nfrom $version0 to $version1\n"; exit 1; fi

CMakeLists.txt

@@ -13,31 +13,66 @@ else()
     set(PROJECT Cypherock_Simulator)
 endif()
 
+# Define all options upfront, including BTC_ONLY
+OPTION(DEV_SWITCH "Additional features/logs to aid developers" OFF)
+OPTION(UNIT_TESTS_SWITCH "Compile build for main firmware or unit tests" OFF)
+OPTION(BTC_ONLY "Build firmware for Bitcoin only" OFF)
+
+# Logic to append -btc to project name if BTC_ONLY is enabled
+if (BTC_ONLY)
+    set(PROJECT ${PROJECT}-btc)
+endif()
+
+# Make static functions testable via unit-tests
+IF(UNIT_TESTS_SWITCH)
+    add_compile_definitions( STATIC= )
+ELSE()
+    add_compile_definitions( STATIC=static )
+ENDIF(UNIT_TESTS_SWITCH)
+
+# Now define the project with its final name, after all modifications
 project(${PROJECT})
 
 # python is needed for compiling proto files using nanopb
 # also for generating & appending firmware signature headers
 find_package( Python3 REQUIRED COMPONENTS Interpreter )
-execute_process(COMMAND sh utilities/proto/generate-protob.sh WORKING_DIRECTORY ${PROJECT_SOURCE_DIR} COMMAND_ERROR_IS_FATAL ANY )
+
+# Conditionally generate protobuf files based on the BTC_ONLY option
+IF(BTC_ONLY)
+    message(STATUS "Generating protobufs for BTC-only build")
+    execute_process(COMMAND bash utilities/proto/generate-protob.sh --btc-only
+                    WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}
+                    COMMAND_ERROR_IS_FATAL ANY)
+ELSE()
+    message(STATUS "Generating protobufs for full build")
+    execute_process(COMMAND bash utilities/proto/generate-protob.sh
+                    WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}
+                    COMMAND_ERROR_IS_FATAL ANY)
+ENDIF()
 
 # Populate version.c
 include(utilities/cmake/version.cmake)
 
 file(GLOB_RECURSE PROTO_SRCS "generated/proto/*.*")
-list(APPEND PROTO_SRCS "vendor/nanopb/pb_common.c" "vendor/nanopb/pb_decode.c" "vendor/nanopb/pb_encode.c" "vendor/nanopb/pb_common.h" "vendor/nanopb/pb_decode.h" "vendor/nanopb/pb_encode.h" "vendor/nanopb/pb.h")
-
-list (APPEND MINI_GMP_SRCS "vendor/mini-gmp/mini-gmp-helpers.c" "vendor/mini-gmp/mini-gmp.c")
-list (APPEND POSEIDON_SRCS "vendor/poseidon/sources/f251.c" "vendor/poseidon/sources/poseidon.c" "vendor/poseidon/sources/poseidon_rc.c")
-
-OPTION(DEV_SWITCH "Additional features/logs to aid developers" OFF)
-OPTION(UNIT_TESTS_SWITCH "Compile build for main firmware or unit tests" OFF)
+list(APPEND PROTO_SRCS
+    "vendor/nanopb/pb_common.c"
+    "vendor/nanopb/pb_decode.c"
+    "vendor/nanopb/pb_encode.c"
+    "vendor/nanopb/pb_common.h"
+    "vendor/nanopb/pb_decode.h"
+    "vendor/nanopb/pb_encode.h"
+    "vendor/nanopb/pb.h"
+)
 
-# Make static functions testable via unit-tests
-IF(UNIT_TESTS_SWITCH)
-    add_compile_definitions( STATIC= )
-ELSE()
-    add_compile_definitions( STATIC=static )
-ENDIF(UNIT_TESTS_SWITCH)
+list (APPEND MINI_GMP_SRCS
+    "vendor/mini-gmp/mini-gmp-helpers.c"
+    "vendor/mini-gmp/mini-gmp.c"
+)
+list (APPEND POSEIDON_SRCS
+    "vendor/poseidon/sources/f251.c"
+    "vendor/poseidon/sources/poseidon.c"
+    "vendor/poseidon/sources/poseidon_rc.c"
+)
 
 if ("${CMAKE_BUILD_TYPE}" STREQUAL "Release")
     add_compile_definitions(FIRMWARE_HASH_CALC=1)
@@ -47,13 +82,18 @@ endif()
 
 if("${CMAKE_BUILD_PLATFORM}" STREQUAL "Device")
     include(utilities/cmake/firmware/firmware.cmake)
-else()
+else() # Simulator or default
     include(utilities/cmake/simulator/simulator.cmake)
 endif()
 
 # Include nanopb source headers
-target_include_directories( ${EXECUTABLE} PRIVATE vendor/nanopb generated/proto vendor/mini-gmp vendor/poseidon/sources)
+target_include_directories( ${EXECUTABLE} PRIVATE
+    vendor/nanopb
+    generated/proto
+    vendor/mini-gmp
+    vendor/poseidon/sources
+)
 
 # Enable support for dynamically allocated fields in nanopb
 # Ref: vendor/nanopb/pb.h
-add_compile_definitions(PB_ENABLE_MALLOC=1 PB_NO_ERRMSG=1)
+add_compile_definitions(PB_ENABLE_MALLOC=1 PB_NO_ERRMSG=1)

apps/btc_family/btc_pub_key.c

@@ -70,7 +70,11 @@
 #include "coin_utils.h"
 #include "composable_app_queue.h"
 #include "curves.h"
+
+#ifndef BTC_ONLY_BUILD
 #include "exchange_main.h"
+#endif    // BTC_ONLY_BUILD
+
 #include "reconstruct_wallet_flow.h"
 #include "status_api.h"
 #include "ui_core_confirm.h"
@@ -157,7 +161,9 @@ static void send_public_key(const uint8_t *public_key);
 /*****************************************************************************
  * STATIC VARIABLES
  *****************************************************************************/
+#ifndef BTC_ONLY_BUILD
 static bool sign_address = false;
+#endif    // BTC_ONLY_BUILD
 
 static bool check_which_request(const btc_query_t *query,
                                 pb_size_t which_request) {
@@ -180,15 +186,16 @@ static bool validate_request_data(btc_get_public_key_request_t *request) {
     status = false;
   }
 
+#ifndef BTC_ONLY_BUILD
   caq_node_data_t data = {.applet_id = get_btc_app_desc()->id};
 
   memzero(data.params, sizeof(data.params));
   memcpy(data.params,
          request->initiate.wallet_id,
          sizeof(request->initiate.wallet_id));
   data.params[32] = EXCHANGE_FLOW_TAG_RECEIVE;
-
   sign_address = exchange_app_validate_caq(data);
+#endif    // BTC_ONLY_BUILD
 
   return status;
 }
@@ -310,9 +317,11 @@ void btc_get_pub_key(btc_query_t *query) {
   size_t length = btc_get_address(seed, path, path_length, public_key, msg);
   memzero(seed, sizeof(seed));
 
+#ifndef BTC_ONLY_BUILD
   if (sign_address) {
     exchange_sign_address(msg, sizeof(msg));
   }
+#endif    // BTC_ONLY_BUILD
 
   if (0 < length &&
       true == core_scroll_page(ui_text_receive_on, msg, btc_send_error)) {